Https > can't login to panel

Kirby 3 Solved ✅
1

After site deployment and forcing https and domain without www like this:

RewriteCond %{HTTP_HOST} !=localhost
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE]

I can’t login to the panel:

The panel cannot connect to the API

After removing the accounts folder I tried:

return [
  'panel' =>[
    'install' => true
  ]
];

But no joy:

Failed to fetch

I can login after I remove the htaccess rules, using http.
(kirby 3.3.4)

I’m using chrome, and this seems to be blocked by a CORS policy:

login:1 Access to fetch at 'xxx' from origin 'https://mydomain.nl' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
www.mydomain.nl/api/system?view=panel:1 Failed to load resource: net::ERR_FAILED

I had some add blocker installed I’ve disabled it but no change and Safari shows the same error.

Tried Allow cross-origin requests from HTML5bp:

<IfModule mod_headers.c>
  Header set Access-Control-Allow-Origin "*"
</IfModule>

But no change.
Not sure how to proceed, help is appreciated.

2

Did you put that at the top of the .htacess? Have you checked if you can set the redirect in your hosting provider’s control panel instead of in .htaccess?

3

my htaccess file:

# Kirby .htaccess

# rewrite rules
<IfModule mod_rewrite.c>

# enable awesome urls. i.e.:
# http://yourdomain.com/about-us/team
RewriteEngine on

RewriteCond %{HTTP_HOST} !=localhost
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE]

# make sure to set the RewriteBase correctly
# if you are running the site in a subfolder.
# Otherwise links or the entire site will break.
#
# If your homepage is http://yourdomain.com/mysite
# Set the RewriteBase to:
#
# RewriteBase /mysite

# In some environments it's necessary to
# set the RewriteBase to:
#
#RewriteBase /

# block files and folders beginning with a dot, such as .git
# except for the .well-known folder, which is used for Let's Encrypt and security.txt
RewriteRule (^|/)\.(?!well-known\/) index.php [L]

# block text files in the content folder from being accessed directly
RewriteRule ^content/(.*)\.(txt|md|mdown)$ index.php [L]

# block all files in the site folder from being accessed directly
# except for requests to plugin assets files
RewriteRule ^site/(.*) index.php [L]

# Enable authentication header
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

# block direct access to kirby and the panel sources
RewriteRule ^kirby/(.*) index.php [L]

# make site links work
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php [L]

</IfModule>

# compress text file responses
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/json
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
</IfModule>

I will have look if I can set it in DirectAdmin …

4

I have set in DirectAdmin:

  • Force Redirect www.mydomain.nl >mydomain.nl
  • Redirect HTTP to HTTPS

Added the underneath to: site > config > config.www.mydomain.nl.php:

  'panel' =>[
    'install' => true
  ]

Deleted site > accounts

And I was able to install the panel.
Thanks @texnixe

Did I ever tell you, you are awesome? No?
You are A W E S O M E :smiley:

2 Likes
5

Thank you :slightly_smiling_face:! Always happy when problems get solved.